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PHP Language * * lel g ail stil) aall Willa y Alia 
lll coal pall Saal 
Questions and their answers 


Q1i:Put true or false sign 


1) Can use Ms. Word program to design new user web page. ( false ) 
2) The form method property used to encryption user pass wo ( false ) 
3) The form control used to send all form's controls data from web browser to web server 
application. ( true) 
4) When assign post value to form Method property,the data will be secured and safety. ( true) 
5) to add new column to table , will type following order code <td> . ( true) 
6) when displaying web site errors to user , this will make it ,more strong and hard to hacking. 

( false ) 
7) when pressing delete link in deleting term web page the record will delete from terms table in data 
base ( true) 
8) Encryption web site password helps hackers to hacking web site. ( false ) 
9) The term session means the way to protect web site from hacking. ( false ) 
10) The purpose from search web page is looking for term in inserted data base terms by using select 
statement. ( true) 
11) Creating new user registration web page ( reg.php) and save their information in database is 
from web protection procedures . ( true) 
12) Term session means ; encryption any user password. ( false ) 
13) Institutions bear the financial losses from the harmful results to penetrate sites. ( true) 
14) The form control used to send all form's controls data from web browser to expression web 
application. ( false ) 
15) Assigning the value [Get] to form's [method] property in case the amount of sending data to 
server is small. ( true) 
16) Must be allowed to write any code in the comments field or in any page of the site pages, the 
absence of the programming to confirm inputs. ( false ) 
17) In expression web ,to create new [ PHP ] page, select new page from file menu then detect page 
type. ( true) 
18) Assigning the value [Get] to form method property, in the case of the size of the data that is sent 
to the server is unsecured and confidentiality ; ( true) 
19) From safety procedures to protect the database is hide errors far from the users and replacing it 
by displaying programing message. ( true) 
20) The expression web program not allows creating PHP web pages. (false) 





Q2:Select the correct answer from brackets: 

1) From safety procedures to protect the database is ............... far from the users and replacing it 
by displaying programing message. [hide errors — show errors - not from previous ] 

pd eer ener A rere ree institute picture or web site owner image is from harmful results of web site 
hacking. [ magnifying - enhancement — distortion | 
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SEEE special user passwords is from web site safety procedures [ clarifying — encryption - 
enhancement ] 
4) We can protect web site in ............. Level. [ server - web site developer - all the previous | 


5) When allowing uploading files to web site ,must check files previously to confirm its type and 
ee programming language presenting many programming methods to check files. [ script - PHP 
- html ] 


6)... statement helps to present to user unmeaning error massages maybe used in hacking. 
[script - Try .... Catch — IsNumeric () ] 

7) To declare a row in a table we will use ................ Code line . [ <rd> -<tr>-<t® ] 

8) PHP programming language used ............ sign to ignore the error message due to the variable 

without value. [$-@-&] 





Q3:Scientific terms: 

1) The code that used to declare new row in a table <tr> 

2) Looking for a security flaw or weak at the site in order to programming is penetrating hacker 
3) An operator that is used to link between two conditions and means AND && 

4) To exit from If conditional statement exit; 

5) The function that is used to encrypt passwords MD5 

6) The protocol that is support safety handling between web server and web browser. Safety 


communication layer 


7) Saving data in a variable in server memory for only one time session 





Q4) State whether the following statements are true (V) or 
false (X) 

1) The statement While { } used for executing a number of limited or known of loops. (X) 

2) The statement While { } used for executing a number of unlimited or known of loops. ( V) 

3) Within While { } statement the condition is checked first if it’s true then the code execute. (V) 
4) The statement Do.... while { } used for executing a number of unlimited or known of | loops. (vV) 
5) The statement Do... while { } starts looping one single time before the condition is get checked. (V) 
6) The statement for { } used for executing a number of limited or known of loops it works the same 
as while statement. (vV) 

7) The statement Do... while { } used for printing the initial value for the variable. (V) 

8) The statement For { } used for printing the URL of the ministry ten times. ( V) 

9) The code include(‘’connection.php’’) used for including php code in the page header. ( X ) 

10) The code include(‘*header.php’’) used for including php code in the page header. (V) 





Q5) Choose the correct answer: 
1) The following code <table style='width: 100%' border="1"> is used in declaring for........... 
(table, variable, constant) 


2) To declare for a row use the code........... (<br> -<td> - <tr>) 

3) To declare for a column use the code ......... (<br> -<td> - <tr>) 

4)The purpose of the following code include(‘’header.php’’) is ........ (Including php code in 
the page header, including connection code in the connection database, declaring for a variable) 
5) The purpose of the following code include(‘’connection.php’’) is......... (Including php code in 


the page header, including connection code in the connection database, declaring for a 
variable) 


6) HTML tags are written in.................68 program. (Notepad, visual basic, Excel) 
7) PHP code is written within....... (HTML tag, visualbasic,bot) 
8) Use the statement.................... for printing the initial value for the variable. 
(if, Do...while {},for {} ) 
9) Use the statement.................... for printing the URL of the ministry ten times.......... 
(if, Do...while {},for {} ) 
10) When the times of looping are known use the code............ (if, Do...while {},for {} ) 





Q6) Complete: - 


1. The statement ...... TOL { }.......... used for executing a number of limited or known of loops. 
2. The statement ......... while { }........ Ob ARTS Do... while { } used for executing a 
number of unlimited or known of I loops. 

3. the condition is checked first then the code executed within the statement ......... while { } 
4. Use the statement Do... while { } ........00.. for printing the initial value for the variable. 

5. The code .....ceecsecseeees include(‘header.php”’) used for including php code on the page header. 


6. The code... include(’’connection.php”’) used for including php code on the page 
connection. 


7. To declare for a ...........06 table, use the following code........ <table style='width: 
100%' border="1"> within PHP language. 
8. To declare for a row use the code............. <tr> 





9. Every statement within PHP language must end with......... Pi 
10. To add a note or comment within PHP without translation or executing, the symbol 
itcanadeous II must come before. 

11. To declare for a column use the code ......... <td> 

12. To print out any information on the browser page use .... ECHO or..........+5 
Print. 


13. The code <?php declare that next code is about a........eeeeeeees script 
Ieeiea PHP language which will execute on ...ssssssssssssn server by using 
Apache server. 

14. In PHP language to move to the next line use the code........ <br> 

15. PHP code is always begin with........ <?php and end with............. = 

16. The code <?php declare the next code is about a......... script and this will execute 
on the Server. 

17. To declare for a variable use the syMbol.........2+00000 $ 


18. To insert a table through Expression Web program, choose insert table from insert 
or table menu. 

19. The statement............. Do... while { } starts looping before the condition is get 
checked. 
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20. If the condition is ....... true the looping is executed, but if it’s ............. false the 
looping stopped. 





Q7) Choose the correct answer: 

\. To deal with data in Arabic use the following code 

A) <?php 

include("header.php"); 

include("connection.php"); 

B) mysgql_query("SET NAMES 'utf8"’’); 

C) $sql="select * from terms"; 

Y. To assign the statement (select) to the variable $SQL as a chain of character, use 
the following code 

A) <?php 

include("header.php"); 

include("connection.php"); 

B) mysql _query("SET NAMES 'utf8"’’); 

C) $sql="select * from terms”: 

Y, To assign a number of records use the code 

A) $num=mysql_num_rows($query); 

B) $query= mysql__query($sql); 

C) mysql _query("SET NAMES 'utf8"’’); 

¢. To execute the query statement and add it to the variable $query, use the 
following code 

A) $num=mysql_num_rows($query); 

B) $query= mysql _query($sql); 

C) mysql _query("SET NAMES 'utf8"’’); 

©, echo(“<h1> 216 Gilat! $num<h1>”),this code is used for 
A) Display terms (number of records) on the webpage. 

B) To execute the query statement and add it to the variable 

C) $query. 

D) To assign the statement (select) to the variable $SQL as a 
chain of character 

1, The help page (Help.php) used in 

A) Supplying users with required information about how to deal with the website pages. 
B) Search for a term. 

C) Delete a term. 


V. The help page (Help.php) includes 

A) How to use the website tutorial. 

B) Direct hyperlinks to some website pages. 
C) The website tasks performance searching. 
D) All of above. 

^. The help page (Help.php) includes 

A) Some helpful programs. 

B) Hyperlinks to some external website pages. 
C) How to use the website tutorial. 

D) All of above. 





Q9)Statements are true (V) or false (X): 

1. Poor programming is a reason for hacking the website. (V) 

2. It’s possible to take advantage of a hole in the system security to hack the website. (V) 
3. The hacker can’t delete or edit data when hacking a website (X) 

4. Check inputs before storing in database is the website developers responsibility. (V) 
5. It’s not necessary to confirm of continued updating for programs that used within website 
management. (X) 

6. It’s not necessary to detect or hide possible errors. (X) 

7. The error must be expected and managed Programmatically, to prevent website hacking. ( V ) 
8. Unconfirmed input data give a chance to website hacking. (V) 

9. The function array contains one parameter only. (X) 

10. The function explode contains two parameters. (V) 

11. It’s better to use HTTPS instead of HTTP within financial websites. (V) 

12. Passwords should be kind of complicated. (vV) 

13. The user must be forced to insert passwords with significant characteristics. ( V ) 

14. Passwords should always be fully encrypted when saved. (V) 

15. SQL statements should be inserted through dealing with database. (X ) 





Q10) Choose the correct answer: 

1- The procedures of securing websites are: 

A) Securing through the server. 

B) Securing through the websites developers. 

C) Both. 

2- To secure the websites through websites developers: 
A) Check inputs before storing in the database. 

B) Encrypting the passwords. 

C) Managing the website folders within strong passwords. 


D) All of above. 
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3-To secure the websites though websites developers: 

A) Check inputs before storing in the database. 

B) Encrypting the passwords. 

C) Limit users’ authority clearly. 

D) All of above. 

4- The main safety precautions for securing the website: 

A) Keep software up to date. 

B) Dealing with error messages 

C) Check input data validation of the user/visitor. 

D) All of above. 

5- One of the safety precautions: 

A) The passwords. 

B) Avoid inserting SQL statements. 

C) Avoid writing XSS code through the website. 

D) All of above. 

6- Is considering one of the array functions which retrieve the last value 
element. 

A) array. 

B) end. 

C) Explode. 

7- The function ......... creates a new array that contain a group of 
elements. 

A) array. 

B) end. 

C) explode. 

8- The function........ is converting the variable into array of a group of 
elements. 

A) array. 

B) end. 

D) explode. 

9- A protocol for supporting security management between the web server 
and the web browser. 

A) SSL (secure sockets layer). 

B) HTTP. 

C) HTTPS. 

10- The most important applications for testing the website security 
against hacking is: 

A) Open VAS. 

B) Netsparker. 


C) Both. 


7 


11- Is considered one of the most important used open source application 
for testing the website security. 

A) Open VAS. 

B) Netsparker. 

C) Both. 

12- It is good for testing (SQL injection) and (XSS). 

A) Open VAS. 

B) Netsparker. 

C) Both. 

13- There is/are .......... To send the form data. 

A) One way. 

B) Two ways. 

C) Three ways. 

14- Use (GET) if the data were: 

A) Confidential. 

B) Not confidential. 

C) Important. 

15- It’s a way to store data into a variable within the server memory for 
one uSef..........+. 

A) Session. 

B) Script. 

C) Query. 

16-This code is used for: 

A) Check of clicking the button (submit). 

B) Assign the control elements content on the form. 

C) Dealing with data in Arabic clearly. 

17-This code is used for: 

A) Check of clicking the button (submit). 

B) Assign the control elements content on the form for the variable txt_user. 
C) Dealing with data in Arabic clearly. 

18-This code is used for: 

A) Check of clicking the button (submit). 

B) Assign the control elements content on the form for the variable used. 
C) Dealing with data in Arabic clearly. 

19-This code is used for: 

A) Check of clicking the button (submit). 


B) Assign the control elements content on the form for the variable password. 
C) Dealing with data in Arabic clearly. 





Q11) Complete: - 
Main page Index php: its purpose Activate the hyperlinks that could move from one page to 
another. 


The connection page to the data base.connection .php : Achieving connection with the data base. 
It is called before dealing with the data. 


The header page header. Php: Showing the photo banner and the hyperlinks that takes us to all the 
pages, it is called at the beginning of every page. 


Add term page { Add __term.php : Inserting term & all its data in terms table in the data base. 
Search for a term. Search_term.php: Searching for a term in terms table in the data base. 

Page of editing term Edit term. Php: Editing the data of a term in the terms table in the data base. 
Page of deleting term Del_term.php: Deleting data of a term in terms table In the data base. 
<?PHP The beginning of php code. 

$x =1; Variable starts with 1 value. 


While ($x <= 100) Executing all the instructions in looping statement which appears between 2 
brackets { } as long as the condition is right, as long as the variable $x less than or equal 100. 


{ The beginning of looping statement. 
Echo ($x);_ Printing the variable value. 
Echo ("'<Br>"');_ Moving to a new line (executing HTML code inside php code). 
$x ++; Increasing the numerical or variable with value 1. 
} The end of the looping statement 
?> The end of PHP code. 
// sign means that what follows, it is a notice and shouldn’t be executed 
looping statements: 
(1) While 
(2) For 


(3) Do ... While 


While{ } 


is used to execute unknown or un limited number of repetitions and these repetitions can be executed 
only on one condition at first, testing the condition and be sure the result is true. The following 
repetitions will be executed and this repetition continues as long as this condition is true. -if the 
condition is false the repetition can’t be executed Example: searching in data base and searching the 
internet. 


Do { } while 


Is used in executing an unlimited or unknown number of repetitions , and you start in executing a 
repetitive circle once before testing the condition if it is true , then it is repeated and the instructions 
are executed in the circle , the result becomes false then the repetition stops and going out from the 
circle. Example { printing the primary value of the variable } 


For { } 


It is used to execute an unknown or unlimited number of repetitions. It works the same way as while 
statement. Example (printing the email address of the ministry website 10 times). 


<table style='width: 100%' border="'1''> 

Showing table its width is 100% wide, the frame and it's the thickness which it surrounds. 
<tr> 

For declaring (tr) about the row 

<td> ci zili</td> 


For declaring [td] about columns where in every one of it contains the title of the field and switching 
it off </td>. 


if (isset($_POST['submit1'])) { 
Be sure of pressing on submit button, test pressing on “search by word button” 
$txt_search=$_POST['txt_search']; 


It picked the term or the value that it has been inserted in the text box on the browser and put it in the 
variable $text_search. 


mysql_query(""SET NAMES '‘utf8'"'); 
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Using mysql_query to deal with data on the browser screen in Arabic correctly and it won’t be 


$query=mysql_query($sql) ; 


Using Mysql _query Using this function in executing the query and putting the result in variable 
$query. 


<?php include("header.php"); include(‘'connection.php"'); 

Start php code, -including Header & connection pages with the data base of the page. 
mysql_query("SET NAMES '‘utf8'"'); 

Dealing with the data in Arabic. 

$sql="select * from terms"; 

Specialize Select statement as a chain to the variable $SQL. 
$query=mysql_query($sql); 


By using mysq |_ query , we execute query and put it inside the variable $query (all the records of 
table terms) 


$num=mysql_num_rows($query); 
?> 


Specialize number of records by using mysql_num_query to the variable $num at the end of code 
PHP. 


Securing websites is a necessity to stop penetration, which leads to many harms and negative 
results like: 


1. Stealing or losing important database that may lead to great problems in all fields. 

2. Getting foundational or personal information and what harms it may cause. 

3. Showing unsuitable content that it might contains political, religious, ethical attitudes. 
4. Deforming the image of the foundation or the person who owns the website generally. 


The penetration concept: The website penetration, it’s generally called website hacking by using 
the penetrator the hacker a way or a weak program that enables him to get the validity of controlling 
the website management or dealing with its database by any way (showing, deletion, editing and so 
on). 
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The ways of protecting the website: 


l- Protecting server (website hosting)Protecting the website here is the responsibility of the sever or 
website hosting where it makes / sets security options & controls it more , also it endures the 
responsibility of too many challenges especially in the system of operating the server. 


2- protecting the website developers: The website developers and those who are in charge of it are 
responsible for protection this through: 


a) Be sure of the inputs before saving it in the database. 

b) Encrypt password. 

c) Managing the important website folders with strong passwords. 
d) Specifying the user's validity correctly and clearly. 


Some precautions to keep securing the website: 


l- Keep software up to date 


2- Dealing with error messages 


